| 1 | #! /usr/bin/env perl
|
|---|
| 2 | # Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 3 | #
|
|---|
| 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 5 | # this file except in compliance with the License. You can obtain a copy
|
|---|
| 6 | # in the file LICENSE in the source distribution or at
|
|---|
| 7 | # https://www.openssl.org/source/license.html
|
|---|
| 8 |
|
|---|
| 9 | use Getopt::Long;
|
|---|
| 10 |
|
|---|
| 11 | my $activate = 1;
|
|---|
| 12 | my $conditional_errors = 1;
|
|---|
| 13 | my $security_checks = 1;
|
|---|
| 14 | my $mac_key;
|
|---|
| 15 | my $module_name;
|
|---|
| 16 | my $section_name = "fips_sect";
|
|---|
| 17 |
|
|---|
| 18 | GetOptions("key=s" => \$mac_key,
|
|---|
| 19 | "module=s" => \$module_name,
|
|---|
| 20 | "section_name=s" => \$section_name)
|
|---|
| 21 | or die "Error when getting command line arguments";
|
|---|
| 22 |
|
|---|
| 23 | my $mac_keylen = length($mac_key);
|
|---|
| 24 |
|
|---|
| 25 | use Digest::SHA qw(hmac_sha256_hex);
|
|---|
| 26 | my $module_size = [ stat($module_name) ]->[7];
|
|---|
| 27 |
|
|---|
| 28 | open my $fh, "<:raw", $module_name or die "Trying to open $module_name: $!";
|
|---|
| 29 | read $fh, my $data, $module_size or die "Trying to read $module_name: $!";
|
|---|
| 30 | close $fh;
|
|---|
| 31 |
|
|---|
| 32 | # Calculate HMAC-SHA256 in hex, and split it into a list of two character
|
|---|
| 33 | # chunks, and join the chunks with colons.
|
|---|
| 34 | my @module_mac
|
|---|
| 35 | = ( uc(hmac_sha256_hex($data, pack("H$mac_keylen", $mac_key))) =~ m/../g );
|
|---|
| 36 | my $module_mac = join(':', @module_mac);
|
|---|
| 37 |
|
|---|
| 38 | print <<_____;
|
|---|
| 39 | [$section_name]
|
|---|
| 40 | activate = $activate
|
|---|
| 41 | conditional-errors = $conditional_errors
|
|---|
| 42 | security-checks = $security_checks
|
|---|
| 43 | module-mac = $module_mac
|
|---|
| 44 | _____
|
|---|
